Talking to the Masterminds Behind the Nikon Hacker Project

Chris Gampat The Phoblographer Tamron 90mm f2.8 VC sample images (11 of 19)ISO 16001-200 sec at f - 4.0

Not long ago, we wrongly reported from a source of ours that Magic Lantern was working on hacking Nikon cameras. Then, we were told that it was actually Vitaly that was responsible. But after some emails and further digging, we finally found out who the responsible folks are. The team behind the Nikon Hacker Project are six people located all over the world. And their aim is to hack Nikon DSLRs to unlock even more functionality for the video and photo world.

The team emailed us and we asked them a couple of questions about their intentions, who they are, and what Nikonians should expect.


Phoblographer: Tell us about the team. How many of you are working on the whole project and what are your backgrounds?

Chris Gampat Digital Camera Review Nikon D7100 product photos (1 of 7)ISO 5001-200 sec at f - 5.0

The current core team is 6 people, Max, Vicne, Leegong, 4cc3ss, Coderat and Simeon.

Max: I’m a chip designer working in Silicon Valley for the last 10 years. Previously I worked as a software engineer and a LAN admin. As a kid I ran a fairly large BBS and helped start many others. With the advent of the WWW, this transitioned into the creation of a “for-loss” web hosting business to host forums, personal sites, and small businesses — including

Vicne: I started programming on ZX-Spectrum, then Atari and PC, in as many languages as possible, and I’m a software engineer for 15+ years now. I’ve always been most interested in projects that involve both hardware and software aspects.

Leegong: My major is telecommunication, have been working for 18 years on GSM, CDMA network troubleshooting and engineering.

4cc3ss: My interest in electronics started from a very young age, building circuits and taking radios apart as I wanted to know how and what made them  work, my first computer was a zx80 followed by BBC micro which I used to program.

After college I spent time being a TV repair engineer, as I love the fault finding side of things.

I’ve worked with PSX, PS2, Xbox, Xbox360… mainly the 360.. xBoxhacker, rebuilding the Nand structure and finding how the system worked, also modified modems & tv cable boxes.

Simeon: I’m a software engineer with about 15 year’s development/test experience on mostly embedded systems. I’ve been doing reverse engineering for about 13 years, before that I tended to just try hack games to get extra lives.  I really love pulling things apart to understand how/why they work.

coderat: [newbie in team] I’ve been reversing since Arcanoid for DOS appeared and programming in many langauges since then also. I like to make things connectable/compatible/portable/compilable/FreeAvailable/working/OpenFreeStandard. I have been working as an Embedded Developer for the last 15 years.

Phoblographer: How did you guys first start looking into the programming on the Nikon DSLR cameras?

Chris Gampat The Phoblographer Nikon d5100 product shots (2 of 4)

Simeon: With a computer…

Ha-ha longer answer: The first step was getting a Nikon DSLR. Then a desire, I had known of the CHKD and Magic Lantern projects. But in reading ML related posts, I saw people wishing for a Nikon alt-firmware, and other people stating “it can’t be done” which was a challenge I decided to tackle.

Looking at the pre-encrypted firmware I noticed that there were large patterns in how the firmware was packed, and that it was consistent across models, I decided that it was most likely this pattern was still present in the post encrypted firmware, so I went about trying to recover the original patterns. Many cold winter nights, whiskey and luck, I unravelled it. Early blog posts got feedback from other people and a uniform pattern was found and the firmware was unlocked.

To load changed firmware onto a camera the checksum’s needed to resolved, and this was done as a team effort. It’s really fun waking up in the morning to find someone on the other side of the world has progressed something while you sleep.

After that it was standard boring/slow process of disassembling a large codebase with near zero insight. Deity-bless menu text, debug strings, and external API’s, like USB-based PTP, to gain some understanding of what the really large code base is doing, otherwise it would be a complete mess.

This is about when the Nikon Hacker site was setup by Max, and we gathered and shared there. The team has grown as people have joined, stepped up, and started doing.

At this point we really need to get our hands of the hardware spec sheets for the internal/external components, which are not published, or are under NDA, to speed up the unlocking of how the real work is done by the Video chipset.

Vicne: How did I start looking into Nikon? I got interested in photography only when it became digital, I got several Canon then Nikon DSLRs, and Simeon’s post about deciphered Nikon firmware triggered something in my mind, like “omg, could it be hacked for real?”. I have to say this is the first project I was involved in which counts members on 4 different continents. I share Simeon’s incredible sensation that the project never sleeps – although if we want to chat, the ones that never sleep end up being the members themselves.

Nikon D800 Memory Slots

4cc3ss: I first took up photography with a Nikon D40 back in 2008, and then was searching to see if there was any work being done towards the Nikon camera.

coderat: I moved half a year ago from an analog camera (BW) to Nikon DSLR and I have a lot of complaints 🙂

Max: I came to DSLRs from film SLRs and was unhappy with the cost of the bodies to get top-end features. I began with plans to create a USB-dongle for my D90 that would allow features such as HDR bracketing and time-lapse to be added to cheaper models.  I registered the domain to host that project. When Simeon made his first breakthrough on the firmware I retooled the site to have a forum and wiki and approached him and others to see if they would like to use it as their community. I wanted a focus on openness and collaboration, with attribution for people’s work. I have been blown away by the response and the immense talent of the core developers who have joined.

Phoblographer: Which ones are you really focusing on?

Simeon: Cameras? To begin with as I owned a D5100, that was the primary firmware explored. But in reality all firmware models have had time spent on them, to see if they were similar, and what was different.

Different team members have different cameras, and can afford to risk their cheaper gear, thus why the D3100 has patches that have been merged from the D5100 work, but we haven’t released anything for the D800.

Shot at 70mm @ f8

There are two major focuses of the project currently, getting the emulator “running”, and tweaking existing code to unlock in-built features.

The former is providing great insight to how the two different processors interact in the camera.

Now that I own a D7000, I’ve swapped to tweaking that firmware, as that’s what I can test when I find stuff. So for example the Liveview Raw work I showed a demo video of is pre-existing code in the D7000 firmware, but I’ve not got it “on” correctly, or it didn’t work correctly in the first place.

Vicne: Basically, I don’t care, but I settled on the D5100 because that’s where most progress took place. Once it’s 100% done, it’ll be much easier to transpose findings than if we start to work on all models at once.

Phoblographer: What improvements do you guys hope to make? Or what additions do you hope to add in?

Leegong: I strongly desire to hack for manual controlling of video, RAW video outputting and focus trap for non-cpu lens.

Simeon: There are things that sound useful, and should be simple to do like clean HDMI output (video), better bit-rates (video), auto video restart (video), remove Hot Pixel Suppression (astro), single button 100% zoom (low end), better bracketing steps.

Then there are cool features that are more about adding new code rather than tweaking the existing functionality, so bulb ramping, better time lapse support or zebra strip for overexposure.

Chris Gampat The Phoblographer Nikon D7100 product images (4 of 7)ISO 32001-30 sec at f - 5.6

And thing that users won’t directly see, but a simpler code loading scheme of the likes of how Magic Lantern load firmware. Getting the tooling all sorted so the camera is as easy to write code for as a desktop PC, thus increase the base of people that can contribute and allowing new features to be added.

Vicne: I’m not after higher framerates or other hi-end features, but I think fairly easy improvements could greatly benefit users, like adding the “OK button to zoom” feature to the D-600, or making the process of deleting a picture on the D7100 usable when shooting in RAW+JPEG (did you try that ?). Now more advanced features would be great, but honestly, my selfish goal is to get satisfy my curiosity of “how does it work” more than really focusing on a specific feature. But understanding is a prerequisite to add features of course…

Phoblographer: One of the biggest complaints about Nikon DSLRs for video is the fact that one can’t change the aperture in video mode–but they can with cinema lenses. Do you guys think you have a solution for fixing this problem with electronically coupled lenses?

Max:  I have always had a focus on older and less expensive models. I feel that a lot of interesting photo and science projects can make use of extending the capabilities of the cheaper cameras. There are many great examples of this with Canon models and the CHDK project.

Simeon: Leegong cares about this as noted above but it’s not getting any active attention that I’m aware of.

To me DSLRs are DLSRs first, and the fact they can record movies is great, but if they have downsides or hardware short comings, that comes with the territory. If we can get more out of the device excellent, if not, it’s still a great DSLR. Aka I brought my camera to take pictures, but I fully get that there is a market of people that are really happy to not have to pay big dollars to make videos. Thus there is more $$ in making those people happy than the group of people who want to save $20 dollars using off-brand batteries. And as tacky as it sounds to mention money, if we want to add features to more camera models, someone needs to have non-production hardware to test on. So to get donations for gear, you need to have donation worthy features.

Chris Gampat The Phoblographer Tokina 12-28mm f4 first impressions (1 of 14)ISO 4001-200 sec at f - 2.0

Phoblographer: Do you plan on working on any features for photographers?

Simeon: That was my primary goal in starting this work, and it’s how I use my camera.

Phoblographer: In a way, do you consider the Magic Lantern Team and Vitally competitors?

Simeon: No not at all. The Magic Lantern Team (ML) and the Canon Hack Development Kit (CHDK) team before are trail blazing, they have been at this task for so long, that to compare between the projects is to fail to understand how far they have come. The Personal-View team (PV) have also done great work on the Panasonic cameras. Both teams have much that we could leverage, but at the same time there is much that is different with the products that mean it’s not a cut’n’paste thing.

We have had a number of informative interactions with the ML team members, and they have been very open and giving of knowledge and their process in the areas that are common.

The interaction with PV team, has been a little more rocky, maybe a subtly getting lost in translation, or confusing over intentions, but this has led to mixed public messages about the who is doing what, the releasing of patching tooling, the attribution of the source of the patches, future plans, and maybe the real issue, were the “thank you” dollars go.

Vicne: No question that the ML team have achieved the most impressive camera hack of all time. Huge kudos to them! But fortunately I don’t think anybody here is in a competition. I just believe that people deserve credit for what they do, and that probably means we should communicate better on our achievements…

Please Support The Phoblographer

We love to bring you guys the latest and greatest news and gear related stuff. However, we can’t keep doing that unless we have your continued support. If you would like to purchase any of the items mentioned, please do so by clicking our links first and then purchasing the items as we then get a small portion of the sale to help run the website.

Also, please follow us on FacebookFlickr and Twitter.